DevOps Guide for OSS Adoption && Why You're the Biggest Vulnerability

18:00 - 18:30 - Gathering & mingling 🍻
18:30 - 18:45 - Opening notes 🎉
18:45 - 19:15 - Open-Source: Open Choice - A DevOps Guide for OSS Adoption
19:15 - 19:45 - Why You Should Care About Open Source Security
--------------------------------Full-Agenda-Below---------------------------------
18:30 - 18:45 - Opening notes
Introduction & Community updates

18:45 - 19:30 - Open-Source: Open Choice - A DevOps Guide for OSS Adoption By Hila Fish (Senior DevOps Engineer @ Wix)

Choosing the right open-source project to use can be quite challenging - not knowing if it’s going to be the right fit, how it will behave, and if you end up wasting time trying to make it all work. We’ve all been there.
But what if I told you there’s a practical way to have a clear understanding of how to incorporate an OSS project in your environment?
In this talk, I’m going to speak about the DevOps perspective on open-source and the challenges Infra-focused engineers have with choosing the right project for their environment.
As a DevOps Engineer, I’ve seen a lot of things, stumbled upon a lot of non-based decisions, and so will present practical advice on how to choose an OSS project for your dev/prod environment and will talk about the business mindset you should have to evaluate the key indicators based on your needs and specific pain points.

19:15 - 19:45 - Why You Should Care About Open Source Security By Liran Tal (Director of Developer Advocacy @ Snyk)

The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code. We’ll learn about real world security incidents that impacted the JavaScript ecosystems, what we can learn from it, and show how security vulnerabilities are actively exploited in the real live applications.